News Now

CU System

CUs' state-by-state breach data can inform advocacy efforts

MADISON, Wis. (1/24/14)--State leagues immediately started planning to use the state-by-state breakdowns from the Credit Union National Association's survey on Target data breach costs to ramp up their advocacy efforts to get merchants to cover costs created for credit unions and other financial institutions when a breach occurs via the merchants' systems.

For instance, League of Southeastern Credit Unions President/CEO Patrick La Pine noted Wednesday that Alabama and Florida credit unions that responded to the CUNA survey say that nearly 350,000 cards were breached bringing an estimated $1.8 million in total costs.

In an article in the Jan. 22 issue of his league's newsletter, eSignal, La Pine noted that the cost and scope of the Target data breach was a major topic of discussion for a Monday meeting Rep. Spencer Bachus (R-Ala.) in Birmingham.

La Pine said it "was a good meeting that sets up a larger conversation next month" when credit union advocates take their message to Capitol Hill during the Credit Union National Association's 2014 Governmental Affairs Conference. Credit unions' visits with federal lawmakers on top credit union issues is a key component of the CUNA GAC.

"Rep. Bachus was very open to our perspective on the data breach," La Pine said, adding that the former House Financial Services Committee chairman will expect to hear more from his constituent credit union reps during the GAC, to be held in Washington, D.C., Feb. 23-27.

Nationally, credit unions have already incurred costs estimated to be in the range of $25 million to $30 million as a result of the Target stores data security breach, the CUNA survey has shown. Actual costs could exceed this estimate in the coming weeks if greater fraud losses are incurred or if affected credit union add additional costs to their reported totals. The survey remains open for more submissions.

Among state credit union leagues that have reported state or regional totals to their member credit unions are:

The California and Nevada Credit Union Leagues, which reported 460,000 debit cards and 75,000 credit cards were affected in California, while Nevada cited 16,000 debit cards and 1,600 credit cards (CU Weekly Jan. 21). Total estimated costs for the two states are $2.8 million.

The Northwest Credit Union Association, which said that the Target breach already has cost Oregon and Washington credit unions an estimated $1.3 million. Oregon reported 148,000 debit cards and 27,700 credit cards had been affected, while Washington had 150,000 debit cards and 28,400 credit cards.

And, to date, 61 Pennsylvania credit unions participated in the survey, the state league said. About 148,000 debit cards and 27,700 credit cards were affected with an estimated total cost of $896,800 (Life is a Highway Jan. 22).